

THE DESIGN AND IMPLEMENTATION OF HARDWARE SYSTEMS FOR INFORMATION FLOW TRACKING


ABSTRACT

Computer security is a critical problem affecting every segment of social life. Recent research has shown that Dynamic Information Flow Tracking (DIFT) is a promising technique for detecting a wide range of security attacks. With hardware support, DIFT can provide comprehensive protection to unmodified application binaries against input validation attacks such as SQL injection, with minimal performance overhead.

This dissertation presents Raksha, the first flexible hardware platform for DIFT that protects both unmodified applications and the operating system from both low-level memory corruption exploits such as buffer overflows and high-level semantic vulnerabilities such as SQL injection and cross-site scripting. Raksha uses tagged memory to support multiple, programmable security policies that can protect the system against concurrent attacks. The dissertation also describes a full-system prototype of Raksha constructed using a synthesizable SPARC V8 core and an FPGA board. This prototype provides comprehensive security protection with no false positives and with minimal performance and area overheads.

Traditional DIFT architectures require significant changes to the processor and caches and are not portable across different processor designs. This dissertation addresses this practicality issue of hardware DIFT by proposing an off-core coprocessor approach that greatly reduces the design and validation costs associated with hardware DIFT systems. Observing that DIFT operations and regular computation need only synchronize on system calls to maintain the security guarantees, the coprocessor decouples all DIFT functionality from the main core. Using a full-system prototype based on a synthesizable SPARC core, it shows that the coprocessor approach to DIFT provides the same security guarantees as Raksha, with low performance and hardware overheads. It also provides a practical and fast hardware solution to the problem of inconsistency between data and metadata in multiprocessor systems that arises when DIFT functionality is decoupled from the main core.

The dissertation also explores the use of tagged memory architectures for solving security problems other than DIFT. Recent work has shown that application policies can be expressed in terms of information flow restrictions and enforced in an OS kernel, providing strong assurance of security. This thesis shows that enforcement of these policies can be pushed largely into the processor itself by using tagged memory support, which provides stronger security guarantees by enforcing application security even if the OS kernel is compromised. It presents the Loki architecture, which uses tagged memory to directly enforce application security policies in hardware. Using a full-system prototype, it shows that such an architecture can help reduce the amount of code that must be trusted by the operating system kernel.


Introduction

It is widely recognized that computer security is a critical problem with far-reaching financial and social implications [72]. Despite significant development efforts, existing security tools do not provide reliable protection against an ever-increasing set of attacks, worms, and viruses that target vulnerabilities in deployed software. Beyond memory corruption bugs such as buffer overflows, attackers are now focusing on high-level exploits such as SQL injection, command injection, cross-site scripting and directory traversal. Worms that target multiple vulnerabilities in an orchestrated manner are also becoming increasingly common [11, 83]. Hence, research on computer system security is timely.

The root of the computer security problem is that existing protection mechanisms do not exhibit many of the desired characteristics of an ideal security technique. Such a technique should be safe: it provides defense against vulnerabilities with no false positives or negatives; flexible: it adapts to cover evolving threats; practical: it works with real-world code (including legacy binaries, dynamically generated code, and operating system code) without assumptions about compilers or libraries; and fast: it has a small impact on application performance. Additionally, it must offer clean abstractions for expressing security policies in order to be implementable in practice.

Recent research has established Dynamic Information Flow Tracking (DIFT) as a promising platform for detecting a wide range of security attacks. The idea behind DIFT is to tag (taint) untrusted data and track its propagation through the system. DIFT associates a tag with every word of memory in the system. Any new data derived from untrusted data is also tainted. If tainted data is used in a potentially unsafe manner, such as the execution of a tagged SQL command or the dereferencing of a tagged pointer, a security exception is raised.
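As an added illustration (not code from the dissertation, and not a model of Raksha's actual hardware), the following Python toy plays through the tag, propagate and check sequence described above: each memory word carries a tag that is a bitmask of policies, the ALU unions the tags of its operands, and two check rules catch a tainted pointer dereference and tainted bytes that form SQL command structure rather than string data. The addresses, the overflowing input and the query are constructed for the example.

```python
PTR = 0b01  # policy bit: tainted data must not be dereferenced as a pointer
SQL = 0b10  # policy bit: tainted bytes must not form SQL command structure

class SecurityException(Exception):
    """The security exception raised when a check rule fails."""

def write(mem, addr, values, tag=0):
    # Memory is a list of (word, tag) pairs; tag 0 is trusted, untrusted input is tainted on entry.
    mem[addr:addr + len(values)] = [(v, tag) for v in values]

def alu(op, a, b):
    # Propagation rule: a result carries the union of its operands' tags.
    (va, ta), (vb, tb) = a, b
    return op(va, vb), ta | tb

def deref(mem, ptr):
    # Check rule (PTR policy): a pointer derived from tainted data is never followed.
    addr, tag = ptr
    if tag & PTR:
        raise SecurityException(f"tainted pointer dereference at {addr:#x}")
    return mem[addr]

def exec_sql(mem, addr, length):
    # Check rule (SQL policy): tainted bytes may appear only inside quoted
    # literals, so input that closes a literal and adds keywords is caught.
    in_literal = False
    for i in range(addr, addr + length):
        byte, tag = mem[i]
        if byte == ord("'"):
            in_literal = not in_literal
        elif tag & SQL and not in_literal:
            raise SecurityException(f"tainted SQL byte at offset {i - addr}")
    return bytes(b for b, _ in mem[addr:addr + length]).decode()

def overflow_scenario():
    # Constructed overflow: 4 untrusted words land in a 2-word buffer at 0x10,
    # clobbering the code pointer at 0x12, which the program offsets and follows.
    mem = [(0, 0)] * 64
    write(mem, 0x12, [0x20])                    # trusted code pointer
    write(mem, 0x10, [1, 2, 0x30, 0], tag=PTR)  # untrusted input overruns the buffer
    ptr = alu(lambda x, y: x + y, mem[0x12], (4, 0))  # taint survives the add
    return deref(mem, ptr)                      # raises SecurityException

def sql_scenario(user_input):
    # Constructed query: trusted SQL text around one untrusted field.
    mem, head = [(0, 0)] * 128, b"SELECT * FROM users WHERE name='"
    write(mem, 0, head)
    write(mem, len(head), user_input.encode(), tag=SQL)
    write(mem, len(head) + len(user_input), b"'")
    return exec_sql(mem, 0, len(head) + len(user_input) + 1)
```

sql_scenario("alice") returns the assembled query because every tainted byte stays inside the literal, while an input containing a quote that closes the literal trips the SQL check, and overflow_scenario() trips the pointer check even though the pointer was transformed after the overwrite.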

